package org.jboss.as.cli.impl.aesh.cmd.security.auth;

import java.io.IOException;
import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import org.aesh.command.CommandDefinition;
import org.aesh.command.CommandException;
import org.aesh.command.impl.internal.ParsedCommand;
import org.aesh.command.option.Option;
import org.jboss.as.cli.CommandContext;
import org.jboss.as.cli.impl.aesh.cmd.security.HttpServerCommandActivator;
import org.jboss.as.cli.impl.aesh.cmd.security.SecurityCommand;
import org.jboss.as.cli.impl.aesh.cmd.security.model.ApplicationSecurityDomain;
import org.jboss.as.cli.impl.aesh.cmd.security.model.AuthFactorySpec;
import org.jboss.as.cli.impl.aesh.cmd.security.model.AuthSecurityBuilder;
import org.jboss.as.cli.impl.aesh.cmd.security.model.ElytronUtil;
import org.jboss.as.cli.impl.aesh.cmd.security.model.HTTPServer;
import org.jboss.as.cli.operation.OperationFormatException;
import org.wildfly.core.cli.command.aesh.CLICompleterInvocation;
import org.wildfly.core.cli.command.aesh.activator.AbstractDependRejectOptionActivator;

@CommandDefinition(name = "enable-http-auth-http-server", description = "", activator = HttpServerCommandActivator.class)
/* loaded from: input_file:org/jboss/as/cli/impl/aesh/cmd/security/auth/HTTPServerEnableAuthCommand.class */
public class HTTPServerEnableAuthCommand extends AbstractEnableAuthenticationCommand {

    @Option(name = "security-domain", required = true, completer = SecurityCommand.OptionCompleters.SecurityDomainCompleter.class)
    String securityDomain;

    @Option(name = SecurityCommand.OPT_MECHANISM, completer = FactoryMechanismCompleter.class, activator = MechanismActivator.class)
    String factoryMechanism;

    @Option(name = SecurityCommand.OPT_REFERENCED_SECURITY_DOMAIN, completer = SecurityCommand.OptionCompleters.ReferencedSecurityDomainCompleter.class, activator = ReferencedSecurityDomainActivator.class)
    String referencedSecurityDomain;
    private final CommandContext ctx;

    /* loaded from: input_file:org/jboss/as/cli/impl/aesh/cmd/security/auth/HTTPServerEnableAuthCommand$FactoryMechanismCompleter.class */
    public static class FactoryMechanismCompleter extends SecurityCommand.OptionCompleters.MechanismCompleter {
        /* JADX INFO: Access modifiers changed from: protected */
        @Override // org.jboss.as.cli.impl.aesh.cmd.security.SecurityCommand.OptionCompleters.MechanismCompleter, org.jboss.as.cli.impl.aesh.cmd.AbstractCompleter
        public List<String> getItems(CLICompleterInvocation cLICompleterInvocation) {
            HTTPServerEnableAuthCommand hTTPServerEnableAuthCommand = (HTTPServerEnableAuthCommand) cLICompleterInvocation.getCommand();
            try {
                if (hTTPServerEnableAuthCommand.securityDomain == null) {
                    return Collections.emptyList();
                }
                ApplicationSecurityDomain securityDomain = HTTPServer.getSecurityDomain(hTTPServerEnableAuthCommand.ctx, hTTPServerEnableAuthCommand.securityDomain);
                return (securityDomain == null || securityDomain.getFactory() != null) ? super.getItems(cLICompleterInvocation) : Collections.emptyList();
            } catch (Exception e) {
                return Collections.emptyList();
            }
        }
    }

    /* loaded from: input_file:org/jboss/as/cli/impl/aesh/cmd/security/auth/HTTPServerEnableAuthCommand$MechanismActivator.class */
    public static class MechanismActivator extends AbstractDependRejectOptionActivator {
        private static final Set<String> EXPECTED = new HashSet();
        private static final Set<String> REJECTED = new HashSet();

        public MechanismActivator() {
            super(false, EXPECTED, REJECTED);
        }

        @Override // org.wildfly.core.cli.command.aesh.activator.AbstractDependRejectOptionActivator, org.aesh.command.activator.OptionActivator
        public boolean isActivated(ParsedCommand parsedCommand) {
            ApplicationSecurityDomain securityDomain;
            if (!super.isActivated(parsedCommand)) {
                return false;
            }
            HTTPServerEnableAuthCommand hTTPServerEnableAuthCommand = (HTTPServerEnableAuthCommand) parsedCommand.command();
            try {
                if (hTTPServerEnableAuthCommand.securityDomain != null && (securityDomain = HTTPServer.getSecurityDomain(hTTPServerEnableAuthCommand.ctx, hTTPServerEnableAuthCommand.securityDomain)) != null) {
                    if (securityDomain.getFactory() == null) {
                        return false;
                    }
                }
                return super.isActivated(parsedCommand);
            } catch (IOException | OperationFormatException e) {
                return false;
            }
        }

        static {
            REJECTED.add(SecurityCommand.OPT_REFERENCED_SECURITY_DOMAIN);
            EXPECTED.add("security-domain");
        }
    }

    /* loaded from: input_file:org/jboss/as/cli/impl/aesh/cmd/security/auth/HTTPServerEnableAuthCommand$ReferencedSecurityDomainActivator.class */
    public static class ReferencedSecurityDomainActivator extends AbstractDependRejectOptionActivator {
        private static final Set<String> EXPECTED = new HashSet();
        private static final Set<String> REJECTED = new HashSet();

        public ReferencedSecurityDomainActivator() {
            super(false, EXPECTED, REJECTED);
        }

        @Override // org.wildfly.core.cli.command.aesh.activator.AbstractDependRejectOptionActivator, org.aesh.command.activator.OptionActivator
        public boolean isActivated(ParsedCommand parsedCommand) {
            ApplicationSecurityDomain securityDomain;
            HTTPServerEnableAuthCommand hTTPServerEnableAuthCommand = (HTTPServerEnableAuthCommand) parsedCommand.command();
            try {
                if (!HTTPServer.isReferencedSecurityDomainSupported(hTTPServerEnableAuthCommand.ctx)) {
                    return false;
                }
                if (hTTPServerEnableAuthCommand.securityDomain == null || (securityDomain = HTTPServer.getSecurityDomain(hTTPServerEnableAuthCommand.ctx, hTTPServerEnableAuthCommand.securityDomain)) == null || securityDomain.getSecurityDomain() != null) {
                    return super.isActivated(parsedCommand);
                }
                return false;
            } catch (IOException | OperationFormatException e) {
                return false;
            }
        }

        static {
            REJECTED.add(SecurityCommand.OPT_MECHANISM);
            EXPECTED.add("security-domain");
        }
    }

    public HTTPServerEnableAuthCommand(CommandContext commandContext) {
        super(AuthFactorySpec.HTTP);
        this.ctx = commandContext;
    }

    @Override // org.jboss.as.cli.impl.aesh.cmd.security.auth.AbstractEnableAuthenticationCommand
    protected String getMechanism() {
        return this.factoryMechanism;
    }

    @Override // org.jboss.as.cli.impl.aesh.cmd.security.auth.AbstractEnableAuthenticationCommand
    protected void secure(CommandContext commandContext, AuthSecurityBuilder authSecurityBuilder) throws Exception {
        ApplicationSecurityDomain securityDomain = HTTPServer.getSecurityDomain(commandContext, this.securityDomain);
        if (securityDomain == null) {
            HTTPServer.enableHTTPAuthentication(authSecurityBuilder, this.securityDomain, commandContext);
        } else {
            if (securityDomain.getSecurityDomain() == null || securityDomain.getSecurityDomain().equals(authSecurityBuilder.getReferencedSecurityDomain())) {
                return;
            }
            HTTPServer.writeReferencedSecurityDomain(authSecurityBuilder, this.securityDomain, commandContext);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.jboss.as.cli.impl.aesh.cmd.security.auth.AbstractEnableAuthenticationCommand
    public AuthSecurityBuilder buildSecurityRequest(CommandContext commandContext) throws Exception {
        if (!HTTPServer.isReferencedSecurityDomainSupported(commandContext)) {
            return super.buildSecurityRequest(commandContext);
        }
        if (getMechanism() != null) {
            if (this.referencedSecurityDomain != null) {
                throw new CommandException("Can't mix mechanism and referenced security domain");
            }
            return super.buildSecurityRequest(commandContext);
        }
        if (this.referencedSecurityDomain == null) {
            this.referencedSecurityDomain = getOOTBSecurityDomain(commandContext);
        }
        if (!ElytronUtil.securityDomainExists(commandContext, this.referencedSecurityDomain)) {
            throw new CommandException("Can't enable HTTP Authentication, security domain " + this.referencedSecurityDomain + " doesn't exist");
        }
        AuthSecurityBuilder authSecurityBuilder = new AuthSecurityBuilder(this.referencedSecurityDomain);
        secure(commandContext, authSecurityBuilder);
        return authSecurityBuilder;
    }

    @Override // org.jboss.as.cli.impl.aesh.cmd.security.auth.AbstractEnableAuthenticationCommand
    protected String getEnabledFactory(CommandContext commandContext) throws IOException, OperationFormatException {
        return HTTPServer.getSecurityDomainFactoryName(this.securityDomain, commandContext);
    }

    @Override // org.jboss.as.cli.impl.aesh.cmd.security.auth.AbstractEnableAuthenticationCommand
    protected String getOOTBFactory(CommandContext commandContext) throws Exception {
        return ElytronUtil.OOTB_APPLICATION_HTTP_FACTORY;
    }

    protected String getOOTBSecurityDomain(CommandContext commandContext) throws Exception {
        return ElytronUtil.OOTB_APPLICATION_DOMAIN;
    }

    @Override // org.jboss.as.cli.impl.aesh.cmd.security.auth.AbstractEnableAuthenticationCommand
    protected String getSecuredEndpoint(CommandContext commandContext) {
        return "security domain " + this.securityDomain;
    }
}
